{"id":25257535,"url":"https://github.com/michelin/suricate","last_synced_at":"2025-10-27T03:30:22.934Z","repository":{"id":38044572,"uuid":"120731406","full_name":"michelin/suricate","owner":"michelin","description":"Visualize IT platforms data within a single, centralized monitoring system.","archived":false,"fork":false,"pushed_at":"2025-02-11T22:59:12.000Z","size":11074,"stargazers_count":47,"open_issues_count":14,"forks_count":13,"subscribers_count":3,"default_branch":"master","last_synced_at":"2025-02-11T23:38:04.699Z","etag":null,"topics":["alerting","angular","dashboard","github","gitlab","monitoring","sonarqube","spring-boot","tv","websocket","widget"],"latest_commit_sha":null,"homepage":"","language":"Java","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/michelin.png","metadata":{"files":{"readme":"README.md","changelog":"changelog-builder.json","contributing":"CONTRIBUTING.md","funding":null,"license":"LICENSE","code_of_conduct":"CODE_OF_CONDUCT.md","threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-02-08T08:14:18.000Z","updated_at":"2025-02-11T22:59:14.000Z","dependencies_parsed_at":"2024-01-29T13:47:31.767Z","dependency_job_id":"6a47a7c8-7bf1-4198-8adc-aacb02d45c49","html_url":"https://github.com/michelin/suricate","commit_stats":null,"previous_names":[],"tags_count":27,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelin%2Fsuricate","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelin%2Fsuricate/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelin%2Fsuricate/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/michelin%2Fsuricate/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/michelin","download_url":"https://codeload.github.com/michelin/suricate/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":238427534,"owners_count":19470842,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["alerting","angular","dashboard","github","gitlab","monitoring","sonarqube","spring-boot","tv","websocket","widget"],"created_at":"2025-02-12T06:49:02.378Z","updated_at":"2025-10-27T03:30:22.927Z","avatar_url":"https://github.com/michelin.png","language":"Java","readme":"\u003cdiv align=\"center\"\u003e\n  \n\u003cimg src=\".readme/logo.png\" alt=\"Suricate\"/\u003e\n\n# Suricate\n\n[![GitHub Build](https://img.shields.io/github/actions/workflow/status/michelin/suricate/build.yml?branch=master\u0026logo=github\u0026style=for-the-badge)](https://img.shields.io/github/actions/workflow/status/michelin/suricate/build.yml)\n[![GitHub Release](https://img.shields.io/github/v/release/michelin/suricate?logo=github\u0026style=for-the-badge)](https://github.com/michelin/suricate/releases)\n[![GitHub Stars](https://img.shields.io/github/stars/michelin/suricate?logo=github\u0026style=for-the-badge)](https://github.com/michelin/suricate)\n[![Docker Pulls](https://img.shields.io/docker/pulls/michelin/suricate?label=Pulls\u0026logo=docker\u0026style=for-the-badge)](https://hub.docker.com/r/michelin/suricate/tags)\n[![SonarCloud Coverage](https://img.shields.io/sonar/coverage/michelin_suricate?logo=sonarcloud\u0026server=https%3A%2F%2Fsonarcloud.io\u0026style=for-the-badge)](https://sonarcloud.io/component_measures?id=michelin_suricate\u0026metric=coverage\u0026view=list)\n[![SonarCloud Tests](https://img.shields.io/sonar/tests/michelin_suricate/master?server=https%3A%2F%2Fsonarcloud.io\u0026style=for-the-badge\u0026logo=sonarcloud)](https://sonarcloud.io/component_measures?metric=tests\u0026view=list\u0026id=michelin_suricate)\n[![License](https://img.shields.io/badge/License-Apache%202.0-blue.svg?logo=apache\u0026style=for-the-badge)](https://opensource.org/licenses/Apache-2.0)\n\n[Download](#download) • [Install](#install) • [Widgets](https://github.com/michelin/suricate-widgets) • [DevTool](https://github.com/michelin/suricate-widget-tester)\n\nVisualize IT platforms data within a single, centralized monitoring system.\n\nBuild customizable dashboards using various widgets, sourcing data from IT platform REST APIs. \nSuricate uses WebSockets to control and update dashboards on external displays.\n\n![Suricate dashboard developer environment](.readme/dashboard.gif)\n\n\u003c/div\u003e\n\n## Table of Contents\n\n* [Download](#download)\n* [Install](#install)\n* [Configuration](#configuration)\n  * [Database](#database)\n    * [H2](#h2)\n    * [PostgreSQL](#postgresql)\n    * [Initialization with Flyway](#initialization-with-flyway)\n  * [Authentication](#authentication)\n    * [Database](#database-1)\n    * [LDAP](#ldap)\n    * [Social Login](#social-login)\n      * [GitHub](#github)\n      * [GitLab](#gitlab)\n      * [Redirection to Front-End](#redirection-to-front-end)\n      * [Name Parsing Strategy](#name-parsing-strategy)\n    * [Personal Access Token](#personal-access-token)\n  * [Widgets](#widgets)\n    * [Encryption](#encryption)\n    * [Repositories](#repositories)\n* [Swagger](#swagger)\n* [Contribution](#contribution)\n\n## Download\n\nYou can download Suricate as a JAR from the [GitHub releases page](https://github.com/michelin/suricate/release) (requires Java 25).\n\nAdditionally, a Docker image is available on [Docker Hub](https://hub.docker.com/repository/docker/michelin/suricate).\n\n## Install\n\nSuricate is built on the [Spring Boot framework](https://spring.io/) and can be configured using a Spring Boot\nconfiguration file, which includes a sample file located at `src/main/resources/application.yml`.\n\nIf necessary, you can override the properties from the default `application.yml` file by following\nthe [Spring Boot externalized configuration guide](https://docs.spring.io/spring-boot/reference/features/external-config.html).\nFor example, you can create a custom  `/config/application.yml` or set the `--spring.config.location` system\nproperty when running the fat jar file:\n\n```console\njava -jar suricate.jar --spring.config.location=classpath:\\,file:C:\\myCustomLocation\\\n```\n\nAlternatively, you can use the provided docker-compose file to run the application and use a volume to override the\ndefault properties:\n\n```console\ndocker-compose up -d\n```\n\nAfter running the command, the application will be accessible on http://localhost:8080/.\n\n## Configuration\n\n### Database\n\nSuricate supports multiple database management systems:\n\n- H2 (default)\n- PostgreSQL\n\n#### H2\n\nBy default, Suricate runs on an H2 file database, activated through the `h2` profile in `application.yml`:\n\n```yml\nspring:\n  profiles:\n    active: 'h2'\n```\n\nThis activates the `application-h2.yml` file, which contains the necessary H2 configuration.\n\n#### PostgreSQL\n\nTo switch to PostgreSQL, activate the `postgresql` profile:\n\n```yml\nspring:\n  profiles:\n    active: 'postgresql'\n```\n\nThis enables the `application-postgresql.yml` file, which contains the PostgreSQL-specific configuration.\n\nAdditionally, you need to provide your database connection details in an external configuration file:\n\n```yml\nspring:\n  datasource:\n    url: '\u003cyour-database-url\u003e'\n    username: '\u003cyour-username\u003e'\n    password: '\u003cyour-password\u003e'\n```\n\n#### Initialization with Flyway\n\nSuricate uses [Flyway](https://docs.spring.io/spring-boot/docs/2.0.0.M5/reference/html/howto-database-initialization.html) for database initialization.\n\nBy default, Flyway:\n- Automatically sets up the database structure (tables, constraints, etc.).\n- Populates the database with the minimum required functional data on the first startup.\n\nIt applies the appropriate scripts based on your database management system. These scripts are located in `src/main/resources/flyway`.\n\nFlyway maintains the database version in a table named `schema_version`, configured as:\n\n```yml\nspring:\n  flyway:\n    table: 'schema_version'\n```\n\nIf needed, it can be disabled by setting:\n\n```yml\nspring:\n  flyway:\n    enabled: false\n```\n\n### Authentication\n\nSuricate supports multiple authentication methods:\n\n- Database Authentication\n- LDAP Authentication\n- Social Login (OIDC - OpenID Connect)\n\nRegardless of the method used, Suricate issues a JWT token to authenticate users on the backend.\n\nYou can configure the JWT token using the following properties:\n\n```yml\napplication:\n  authentication:\n    jwt:\n      signingKey: 'changeitchangeitchangeitchangeit'\n      tokenValidityMs: 86400000\n```\n\nThe signing key should be at least 256 bits long (since Suricate v2.8.0) and should be changed for each environment.\n\n#### Database\n\nAfter signing up, you can log in to Suricate using database authentication.\n\nTo enable this authentication mode, set the following YAML property:\n\n```yml\napplication:\n  authentication:\n    provider: 'database'\n```\n\nWhen this mode is activated, a \"**Register now**\" button will appear on the login page, allowing users to create an account.\n\n#### LDAP\n\nYou can log in to Suricate an LDAP. \n\nTo enable this authentication mode, set the following YAML property:\n\n```yml\napplication:\n  authentication:\n    provider: 'ldap'\n```\n\nIf you choose the ldap authentication mode, you must specify the following additional properties:\n\n```yml\napplication:\n  authentication:\n    ldap:\n      firstNameAttributeName: ''\n      lastNameAttributeName: ''\n      mailAttributeName: ''\n      password: ''\n      url: ''\n      userDnPatterns: ''\n      userSearchBase: ''\n      userSearchFilter: ''\n      username: ''\n```\n\n#### Social Login\n\nSuricate supports authentication with GitHub and GitLab. You can configure social login using\nthe `application-social-login.yml` file, which you can activate by running the application with\nthe `social-login` profile.\n\nWhen you activate social login, you can activate or deactivate a social login mode by adding or removing it from the\nproperty:\n\n```yml\napplication:\n  authentication:\n    socialProviders: 'gitlab,github'\n```\n\n##### GitHub\n\nTo log in using GitHub, you must specify the following properties:\n\n```yml\nspring:\n  security:\n    oauth2:\n      client:\n        registration:\n          github:\n            client-id: '\u003cgithub-client-id\u003e'\n            client-secret: '\u003cgithub-client-secret\u003e'\n```\n\n##### GitLab\n\nTo log in using GitLab with OIDC, you must specify the following properties:\n\n```yml\nspring:\n  security:\n    oauth2:\n      client:\n        provider:\n          gitlab:\n            issuer-uri: 'https://gitlab.com'\n        registration:\n          gitlab:\n            authorization-grant-type: 'authorization_code'\n            client-id: '\u003cgitlab-client-id\u003e'\n            client-secret: '\u003cgitlab-client-secret\u003e'\n            redirect-uri: 'http://localhost:8080/login/oauth2/code/gitlab'\n            scope: 'read_user,openid,profile,email'\n```\n\nTo log in using GitLab with OAuth2, you must specify the following properties:\n\n```yml\nspring:\n  security:\n    oauth2:\n      client:\n        provider:\n          gitlab:\n            issuer-uri: 'https://gitlab.com'\n            user-info-uri: 'https://gitlab.com/api/v4/user'\n            user-name-attribute: 'username'\n        registration:\n          gitlab:\n            authorization-grant-type: 'authorization_code'\n            client-id: '\u003cgitlab-client-id\u003e'\n            client-secret: '\u003cgitlab-client-secret\u003e'\n            redirect-uri: 'http://localhost:8080/login/oauth2/code/gitlab'\n            scope: 'read_user'\n```\n\n##### Redirection to Front-End\n\nThe social login is based on OAuth2/OIDC and is handled by the Back-End. After a successful or failed authentication\nwith a social network, the Back-End redirects to the Front-End.\n\nThe Back-End uses the following methods to redirect to the Front-End in this order:\n\n- A given _redirect_uri_ query parameter provided by the Front-End to the Back-End in the authorization request (\n  e.g., http://localhost:8080/api/oauth2/authorization/github?redirect_uri=/login). \n  The host can even be different (e.g., http://localhost:8080/api/oauth2/authorization/github?redirect_uri=http://localhost:4200/login)\n- The referer in this authorization, but it can be hidden or lost after a redirection to the ID provider.\n- A default target URL defined in the Back-End.\n\nThe first option is currently used.\n\nThe other options are defined by the following properties:\n\n```yml\napplication:\n  authentication:\n    oauth2:\n      defaultTargetUrl: 'http://localhost:4200/login'\n      useReferer: false\n```\n\n##### Name Parsing Strategy\n\nBy default, Suricate parses the user's first name and last name from the ID provider using the format \"Firstname\nLastname\". However, you can also configure Suricate to parse the first name and last name based on the case (\nupper/lower) using the following property:\n\n```yml\napplication:\n  authentication:\n    socialProvidersConfig:\n      \u003cprovider\u003e:\n        nameCaseParse: true\n```\n\nSimply replace `\u003cprovider\u003e` with the appropriate social provider, such as `github` or `gitlab`.\n\n#### Personal Access Token\n\nThe application allows for the generation of personal access tokens for authentication. The following\nproperties are used for token generation and verification:\n\n```yml\napplication:\n  authentication:\n    pat:\n      checksumSecret: 'changeit'\n      prefix: 'sup'\n```\n\nIt is recommended to update the _checksumSecret_ with a different secret for each environment, to enhance security.\n\nThe _prefix_ is used by the application to identify the token type and parse it.\n\nYou can use a personal access token to authenticate API requests as follows:\n\n```console\ncurl http://localhost:8080/api/v1/projects -H \"Authorization: Token \u003cyour-token\u003e\"\n```\n\n### Widgets\n\nHere is given the guidelines to configure the widgets.\n\n#### Encryption\n\nSensitive widget parameters such as passwords or tokens are encrypted in the database. \nYou must change the encryption key for each environment using the following property: \n\n```yml\njasypt:\n  encryptor:\n    password: 'changeitchangeitchangeitchangeit'\n```\n\n#### Repositories\n\nThe first time you start the application, you'll need to configure a repository of widgets. To do this, navigate to the\nrepositories tab and add a new repository. You can choose to add either a local or remote repository (such as GitLab or\nGitHub).\n\nIf you don't have a repository yet, you can create your own widgets repository by following the instructions provided\nin the [official open-source widgets GitHub repository](https://github.com/michelin/suricate-widgets), or use this\nrepository directly.\n\nTo configure this repository in Suricate, use the following settings:\n\n```yml\nName: [ Enter a name of your choice ]\nURL: https://github.com/michelin/suricate-widgets.git\nbranch: master\nlogin: [ Your GitHub login ]\npassword: [ Your GitHub password ]\n```\n\n### Swagger\n\nSuricate uses [Springdoc](https://springdoc.org/) to generate an API documentation.\n\nBy default:\n- The Swagger UI page is available at http://localhost:8080/swagger-ui/index.html.\n- The OpenAPI description is available at http://localhost:8080/v3/api-docs.\n\nBoth can be customized by using the [Springdoc properties](https://springdoc.org/#properties).\n\nYou can authenticate using the `POST /api/v1/auth/signin` endpoint and then use the `Authorize` button to add the\nJWT token in the `Authorization` header.\n\n\u003e Note: The authentication through social login is not supported yet by the Swagger UI.\n\n## Contribution\n\nWe welcome contributions from the community! Before you get started, please take a look at\nour [contribution guide](https://github.com/michelin/suricate/blob/master/CONTRIBUTING.md) to learn about our guidelines\nand best practices. We appreciate your help in making Suricate a better tool for everyone.\n","funding_links":[],"categories":["DevOps"],"sub_categories":[],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichelin%2Fsuricate","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fmichelin%2Fsuricate","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fmichelin%2Fsuricate/lists"}